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Commissioner for Patents 
P.O. Box 1450 
Alexandria, VA 22313-1450 

Dear Sir: 

Applicant requests review of the rejection in the above-identified application. No 
amendments are being filed with this request. This request is being filed with a notice of appeal. 
The review is requested for the reason(s) stated below. 

Claims 1-6, 8-31, 33-47 and 49-72 remain pending in the application. Reconsideration of 
the present case is earnestly requested in light of the following remarks. Please note that for 
brevity, only the primary arguments directed to the independent claims are presented, and that 
additional arguments, e.g., directed to the subject matter of the dependent claims, will be 
presented if and when the case proceeds to Appeal. 

The Examiner rejects claims 1-6, 8-31, 33-47 and 49-72 under the judicially created 
doctrine of obviousness-type double patenting as being unpatentable over claims 1-47 of co- 
pending Application No. 09/653,215. Applicants traverse this rejection on the grounds that the 
Examiner has not stated a proper prima facie rejection. 

The only support given by the Examiner for the rejection is that "both applications are 
claiming [a] method for accessing a service in a distributed computing environment in which a 
client request[s] capability credentials to access [a] portion of a service through advertisement." 
However, simply because both applications claim some overlap in subject matter is not a proper 
reason for holding the claims of the present application obvious from the claims of the listed 
applications. According to MPEP 804.II.B.1, "the analysis employed in an obviousness-type 
double patenting determination parallels the guidelines for a 35 U.S.C. 103(a) rejection." This 
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section of the MPEP also states that the same "factual inquires ... that are applied for establishing 
a background for determining obviousness under 35 U.S.C. 103(a) are employed when making an 
obviousness-type double patenting analysis." MPEP 804.II.B.1 also states that the Examiner 
should list the differences between each rejected claim and the claims of the other 
patent/application, and for each difference the Examiner should give the reasons why a person of 
ordinary skill in the art would conclude that the invention defined in the claim is an obvious 
variation of the invention defined in a claim of the other patent/application. Simply stating that 
the claims both recite some overlap in subject matter is not a valid reason why a person of 
ordinary skill in the art would conclude that the invention defined in each claim is an obvious 
variation of the invention defined in a claim of the other patent/application. Nor has the 
Examiner specifically addressed each difference of each claim of the present application 
compared to the claims of the other applications. Instead, the Examiner improperly lumped all 
the claims together and did not address each specific difference. The Examiner clearly has not 
met the requirements stated in MPEP 804.H.B.1 to establish a prima facie obviousness-type 
double patenting rejection. Accordingly, Applicants respectfully request removal of the double 
patenting rejection of claims 1-6, 8-31, 33-47, and 49-72. 

The Examiner rejected claims 1, 2, 8-13, 15-17, 20, 21 and 23-26 under 35 U.S.C. § 
1 02(a) as being anticipated by Adams (U.S. Patent 6,7 1 8,470). The Examiner also rejected 
claims 3-6, 18 and 19 under 35 U.S.C. § 103(a) as being unpatentable over Adams in view of 
Czerwinski, et al. ("An Architecture for a Secure Service Discovery Service") (hereinafter 
"Czerwinski"), and claims 27-31, 33-36, 38-45, 47, 49-53, 55-59, 61-67, 60, 70 and 72 under 35 
U.S.C. § 102(a) as being anticipated by Adams or under 35 U.S.C. § 103(a) as being unpatentable 
over Adams in view of Czerwinski. Applicants respectfully traverse these rejections for at least 
the reasons below. 

Regarding claim 1, contrary to the Examiner's assertion, Adams fails to disclose 
determining client capabilities for a client , where the client capabilities are capabilities of the first 
service that the client is permitted to use. Adams teaches a system for granting security privileges 
by providing test criteria data so that matching security privilege certificates (or other 
authorization credentials) may be selected from among multiple subscriber privilege data. Adams 
teaches that certificates, such as Kerberos tickets, privilege attribute certificates, or other public 
key certificates (Adams, column 7, lines 48-55) may be selected from among multiple privilege 
data based on test criteria supplied by a relying unit (such as a software application, computer 
node or other entity). A selector entity may search a common repository of security privilege 
certificates. The selector entity then returns any and all privilege data that meets the test criteria 
data. Thus, the selector unit may return multiple certificates, each of each meets the test criteria 
data, (see, Adams, column 3, lines 26-59; column 4, lines 25-36; and column 5, lines 18-46). 
However, Adams fails to mention anything about determining the client's capabilities, where the 
client capabilities are capabilities of the first service that the client is permitted to use. 

The Examiner cites column 6, lines 49-61 and specifically refers to Adams' centralized, 
privilege data selector. However, the cited passage does not describe determining a client's 
capabilities. Instead, the cited passage only refers to how Adams' privilege data selector selects 
among privilege data for a plurality of subscribers. As noted above, Adams teaches that his data 
selector selects privilege data that meets test criteria data supplied by the relevant relying party. 
Thus, the privilege data selector does not determine a client's capabilities, but instead only 
compares the potential privilege data, such as may be stored in a certificate repository, to the 
supplied test criteria data. Adams does not describe his privilege data selector as determining 
client capabilities. Instead, Adams teaches that the privilege data selector selects among 
subscriber privilege data "based on the privilege test criteria data." Nowhere does Adams 
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mention determining a client's capabilities where the client capabilities are capabilities of the first 
service that the client is permitted to use. 

Adams also fails to disclose binding the client capabilities to the authentication 
credential . The Examiner cites column 6, lines 65-66 and argues that the matching attributes are 
sent as pre-qualification data. However, the matching attributes referred to in the cited passage 
are the authentication credentials (such as Kerberos tickets, privilege attribute certificates or other 
public key certificates) and are not bound to any client capabilities. Nowhere does Adams 
mention binding determined client capabilities to an authentication credential. The cited passage 
only states that any attribute certificates matching the test criteria data are sent as pre- 
qualification privilege data back to the subscriber unit. Adams also teaches that after the 
subscriber unit sends the pre-qualification privilege data to the relying unit, the relying unit 
performs a pre-qualification privilege verification to ensure that the supplied attribute certificates 
do indeed meet the test criteria data. Sending matching attribute certificates and verifying that 
they match certain test criteria data does not have anything to do with binding client capabilities 
to an authentication credential. 

Additionally, Adams fails to disclose the service using the authentication service to 
authenticate the authentication credential received in the message from the client. The Examiner 
cites column 7, lines 3-8 where Adams teaches that after the subscriber unit sends pre- 
qualification privilege data to the relying unit, the relying unit performs a pre-qualification 
privilege verification to ensure that the supplied attribute certificates do indeed meet the test 
criteria data. The Examiner also argues, "the relying party uses the centralized privilege data 
selector to generate credential for authentication." However, generating an authentication 
credential is not the same as using an authentication service to authenticate an authentication 
credential obtained from the authentication service by a client and sent to the service, as recited in 
claim 1. Furthermore, the cited passage does not support the Examiner's statement. Instead, the 
cited passage states that the relying party unit performs the pre-qualification privilege verification 
and sends a confirmation message back to the subscriber unit. However, the pre-qualification 
privilege verification does not involve the relying unit using the central privilege data selector to 
perform the verification. Adams teaches that the pre-qualification privilege verification involves 
comparing the test criteria data with the pre-qualification privilege data (e.g. the attribute 
certificates) "to see if they are consistent." Adams system involves the relying unit verifying that 
the attribute certificates actually meet the test criteria data. Contrary to the Examiner's assertion, 
nowhere does Adams state that the privilege data selector is used as part of this verification. 

Applicants remind the Examiner that anticipation requires the presence in a single prior 
art reference disclosure of each and every limitation of the claimed invention, arranged as in the 
claim . M.P.E.P 2131; Lindemann Maschinenfabrik GmbH v. American Hoist & Derrick Co., 221 
USPQ 481, 485 (Fed. Cir. 1984). The identical invention must be shown in as complete detail as 
is contained in the claims. Richardson v. Suzuki Motor Co., 9 USPQ2d 1913, 1920 (Fed. Cir. 
1989). As discussed above, Adams fails to disclose determining client capabilities for a client , 
where the client capabilities are capabilities of the first service that the client is permitted to use, 
binding the client capabilities to the authentication credential and the service using the 
authentication service to authenticate the authentication credential received in the message from 
the client. Therefore, Adams clearly cannot be said to anticipate claim 1. 

For at least the reasons above, the rejection of claim 1 is not supported by the prior art 
and removal thereof is respectfully requested. Similar remarks also apply to claims 27, 43, 51 
and 62. 
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Regarding claim 17, Adams fails to disclose a client obtaining a service advertisement for 
a service, where the service advertisement includes an address for an authentication service . The 
Examiner cites column 31-67. However, the cited passage makes no mention of a client 
obtaining a service advertisement for a service that includes an address for an authentication 
service. Instead, the cited passage describes one embodiment of Adams' system in which the 
relying party sends privilege test criteria data to a centralized privilege data selector and in which 
a subscriber sends identification information to the centralized privilege data selector. The data 
selector then returns to the subscriber all attribute certificates from a certificate repository that 
meet the received test criteria data. The subscriber then transmits the returned certificates to the 
relying unit. No mention is made in the cited passage regarding a client obtaining a service 
advertisement for a service, where the service advertisement includes an address for an 
authentication service. According to the Examiner's interpretation, Adams' subscriber would 
have to obtain a service advertisement for the relying party unit and the service advertisement 
would have to include an address for the centralized privilege data selector. However, Adams 
system does not include any service advertisement for a relying party unit that includes an 
address for the centralized privilege data selector. The Examiner has clearly misinterpreted the 
teachings of Adams. 

Additionally, Adams does not disclose the client generating a message gate for accessing 
the service, where the message gate embeds the authentication credential in every message from 
the client to the service. The Examiner cites column 6, lines 65-67 where Adams states that any 
matching attribute certificates are sent as pre-qualification privilege data back to the subscriber 
unit and that the subscriber unit then transmits the pre-qualification privilege data to the relying 
unit through a suitable communication link. The cited passage does not mention anything about 
the subscriber unit, which the Examiner considered a client, generating a message gate that 
embeds the authentication credential in every message from the client to the service. The mere 
mention of "a suitable communication link" does not disclose the specific limitation of generating 
a message gate that embeds an authentication credential in every message. Adams does not 
describe, either at the cited passage or elsewhere, anything about message gates or embedding an 
authentication credential in every message from a client to a service. The Examiner is merely 
relying upon speculation, which is clearly improper. 

Thus, for at least the reasons above, the rejection of claim 17 is not supported by the cited 
art and removal thereof is respectfully requested. Similar remarks also apply to claims 58 and 69. 

Regarding the § 102(a) of independent claims 27, 43, 51 and 62, please refer to the 
remarks above regarding the § 102 rejection of claim 1, as they apply with equal force to claims 
27, 43, 5 1 and 62. Similarly, regarding the § 102(a) of independent claims 58 and 69, please refer 
to the remarks above regarding the § 102 rejection of claim 17, as they apply with equal force to 
claims 58 and 69. 

Regarding the alternative § 103(a) rejection of independent claims 27, 43, 51, 58, 62 and 
69 the Examiner has failed to provide a proper rejection. For each of these independent claims 
(as well as for several of their respective dependent claims) the Examiner rejects them merely 
"for the same reasons set forth in rejecting" either claim 1 or claim 17. However, claims 1 are 17 
are not rejected under § 103(a) over Adams in view of Czerwinski. It has been very well 
established that to establish a prima facie case of obviousness (e.g. a proper § 103(a) rejection) 
three basic criteria must be met. First, there must be some suggestion or motivation to modify the 
reference or to combine reference teachings. Second, there must be a reasonable expectation of 
success. Finally, the prior art reference(s) must teach or suggest all the claim limitations. (See, 
M.P.E.P. § 2143). The Examiner has not met any of the three basic requirements of a proper § 
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103(a) rejection of claims 17 and 33. Furthermore, the Examiner "bears the initial burden of 
factually supporting any prima facie conclusion of obviousness." If the Examiner does not 
produce a prima facie case, "the applicant is under no obligation to submit evidence of 
nonobviousness " (see, M.P.E.P. § 2142). 

The Examiner has not provided any argument or explanation regarding the proposed 
combination of Adams and Czerwinski in regard to independent claims 27, 43, 51, 58, 62 and 69. 
Nor has the Examiner shown how a combination of Adams and Czerwinski might teach or 
suggest all the limitations in each of the rejected claims. Nor has the Examiner provided any 
motivation to combine the teachings of Adams and Czerwinski in the rejection of claims 27, 43, 

■ 51, 58, 62 and 69. Thus, the Examiner has failed to provide a proper prima facie § 103(a) 

rejection of claims 27, 43, 51, 58, 62 and 69. Applicants also note that deficiencies of Czerwinski 
in regard to claims 27, 43, 51, 58, 62 and 69 are discussed in Applicants' previously filed Appeal 

* Brief from which the Examiner reopened prosecution with the current rejection. For the reasons 

stated above in regard to Adams and the reasons stated in the previous Appeal Brief in regard to 
Czerwinski, it is clear that neither Adams nor Czerwinski, alone or in combination, teaches or 
suggests all the limitations of independent claims 27, 43, 51, 58, 62 and 69. 

Thus, for at least the reasons given above, the rejections of independent claims 27, 43, 5 1, 
58, 62 and 69 are not supported by the prior art and removal thereof is respectfully requested. 

In light of the foregoing remarks, Applicant submits the application is in condition for 
allowance, and notice to that effect is respectfully requested. If any extension of time (under 37 
C.F.R. § 1.136) is necessary to prevent the above referenced application from becoming 
abandoned, Applicants hereby petition for such an extension. If any fees are due, the 
Commissioner is authorized to charge said fees to Meyertons, Hood, Kivlin, Kowert & Goetzel 
PC Deposit Account No. 50 1 505/5 1 8 1 -64800/RCK. 



Also enclosed herewith are the following items: 

^ Return Receipt Postcard 
^ Notice of Appeal 



Respectfully submitted, 




Robert C. Kowert 
Reg. No. 39,255 

ATTORNEY FOR APPLICANT(S) 



Meyertons, Hood, Kivlin, Kowert, & Goetzel, P.C. 

P.O. Box 398 

Austin, TX 78767-0398 

Phone:(512) 853-8850 

Date: August 26. 2005 
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